[CentOS] LDAP / NSCD shadow caching problem

Thu Jul 15 17:07:27 UTC 2010
Gordon Messmer <yinyang at eburg.com>

On 07/15/2010 09:15 AM, Brian Marshall wrote:
>  The problem still remains, when the LDAP server is offline there is
> no shadow data cached so LDAP users can not authenticate on cached
> data despite caching and local auth sufficient being enabled in
> authconfig .

Most LDAP servers don't provide the hash that you expect from "shadow 
data", so it isn't possible for nscd to cache anything.  Login with LDAP 
is normally an interactive process, handled by the LDAP server.